-
-
Notifications
You must be signed in to change notification settings - Fork 0
88 lines (87 loc) · 2.96 KB
/
dependabot-rebuild.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
# Dependabot Rebuild
#
# Rebuild GitHub Action for @dependabot.
#
# Note: This `jobs.dependabot-rebuild.dedupe` step can be removed once dependabot supports some type
# of automatic deduplication. See https://github.com/dependabot/dependabot-core/issues/5830 for
# details.
#
# References:
#
# - https://docs.github.com/actions/learn-github-actions/contexts
# - https://docs.github.com/actions/learn-github-actions/expressions
# - https://docs.github.com/actions/using-workflows/events-that-trigger-workflows#pull_request
# - https://docs.github.com/code-security/dependabot/working-with-dependabot/automating-dependabot-with-github-actions
# - https://docs.github.com/webhooks-and-events/webhooks/webhook-events-and-payloads#pull_request
# - https://github.com/actions/checkout
# - https://github.com/actions/create-github-app-token
# - https://github.com/actions/setup-node
# - https://github.com/actions/setup-node/blob/main/docs/advanced-usage.md#yarn2-configuration
# - https://github.com/hmarr/debug-action
# - https://yarnpkg.com/cli/dedupe
# - https://yarnpkg.com/cli/install
---
name: dependabot-rebuild
on:
pull_request:
branches:
- main
permissions:
packages: read
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
YARN_ENABLE_GLOBAL_CACHE: true
YARN_ENABLE_IMMUTABLE_INSTALLS: false
YARN_ENABLE_SCRIPTS: false
concurrency:
cancel-in-progress: true
group: ${{ github.workflow }}-${{ github.ref }}
jobs:
dependabot-rebuild:
if: github.actor == 'dependabot[bot]' && startsWith(github.head_ref, 'dependabot/npm_and_yarn/')
runs-on: ubuntu-latest
steps:
- id: debug
name: Print environment variables and event payload
uses: hmarr/[email protected]
- id: bot-token
name: Get bot token
uses: actions/[email protected]
with:
app-id: ${{ secrets.BOT_APP_ID }}
private-key: ${{ secrets.BOT_PRIVATE_KEY }}
- id: checkout
name: Checkout ${{ github.head_ref }}
uses: actions/[email protected]
with:
persist-credentials: false
ref: ${{ github.head_ref }}
token: ${{ steps.bot-token.outputs.token }}
- id: node
name: Setup Node.js
uses: actions/[email protected]
with:
cache: yarn
cache-dependency-path: yarn.lock
node-version-file: .nvmrc
- id: yarn
name: Install dependencies
run: yarn
- id: dedupe
name: Deduplicate dependencies
run: yarn fix:dedupe
- id: rebuild
name: Rebuild action
env:
NODE_NO_WARNINGS: 1
run: yarn build
- id: status
name: Print git status
run: git status --porcelain
- id: commit
name: Commit and push
uses: ./
with:
message: 'build: [dependabot skip] rebuild action for @dependabot'
token: ${{ steps.bot-token.outputs.token }}
trailers: 'Signed-off-by: ${{ vars.BOT_NAME }} <${{ vars.BOT_EMAIL }}>'